Port forwarding with rinetd under Debian

Port forwarding with rinetd under Debian

With rinetd instead of iptables even http and https traffic can be forwarded. This offers numerous possibilities with a very simple implementation at the same time. Because rinetd has to be installed and configured only shortly.

The installation under Debian is done with

apt-get install rinetd

is possible.

After that the configuration file has to be updated with

nano /etc/rinetd.conf

must be edited. The following (exemplary) content can then be inserted here:

127.0.0.1 80 127.0.0.2 80
127.0.0.1 443 127.0.0.2 443

The first IP address is usually the normal server IP address directly followed by the port, then the forwarding destination including port is entered. Port 80 is used for normal http-traffic and port 443 for https-traffic.

After that rinetd has to be restarted:

service rinetd restart

What problems arise from using port forwarding with rinetd?

The biggest problem is on the forwarding destination side, because the forwarding destination can no longer correctly associate the original client. This complicates the use of firewall rules and tools like Fail2Ban, because in the worst case all clients are blocked at the same time.

Leave a Reply

Your email address will not be published. Required fields are marked *